FCC Proposes Voluntary Cybersecurity Labeling Program for Smart Devices

The Federal Communications Commission will consider a proposal to create a “voluntary cybersecurity labeling program” for smart devices, in an effort to boost transparency and protection against cyber threats in the growing Internet of Things market – a channel that cyber criminals are increasingly using to attack education institutions.

FCC Chairwoman Jessica Rosenworcel unveiled the proposal, noting that with an estimated 17 billion smart devices already in use and another 25 billion projected to be online by 2030, the Internet of Things represents a significant threat surface for cyber criminals — one that is already resulting in more malware attacks in the United States. 

Image is proposed logo for FCC smart device cyber trust labeling program with the words U.S. Cyber Trust Mark

The threat is especially high in education, where smart devices range from speakers and smart displays to printers and vending machines: SonicWall revealed in April in its 2023 Cyber Threat Report that malware attacks targeting smart devices in education institutions rose 146% in 2022.

The draft proposal, called a Notice of Proposed Rulemaking, outlines the program, whichwould be established under the FCC’s authority to regulate wireless communications devices based on cybersecurity criteria developed by the National Institute of Standards and Technology, the FCC said on its website. If the proposal is approved by a vote of the full commission, it would then be posted for public comment, and “could be up and running by late 2024,” the FCC said. 

The program would provide “clear information about the security of Internet-enabled devices” and products meeting the program’s requirements would bear a new U.S. Cyber Trust Mark, according to the announcement. 

Such a labeling program “would help consumers make informed purchasing decisions, differentiate trustworthy products in the marketplace, and create incentives for manufacturers to meet higher cybersecurity standards,” the FCC said. 

The proposal would seek input on issues “including the scope of devices for sale in the U.S. that should be eligible for inclusion in the labeling program, who should oversee and manage the program, how to develop the security standards that could apply to different types of devices, how to demonstrate compliance with those security standards, how to safeguard the cybersecurity label against unauthorized use, and how to educate consumers about the program,” the agency said. 

Also unveiled by the FCC is the proposed U.S. Cyber Trust Mark logo, which would appear on packaging alongside a QR code that consumer can scan for further information; it is pending approval by the U.S. Patent and Trademark Office. 

Learn more at FCC.gov.

About the Author

Kristal Kuykendall is editor, 1105 Media Education Group. She can be reached at [email protected].


Featured

  • abstract pattern of shapes, arrows and circuit lines

    Internet2 Announces a New President and CEO to Step Up in October

    Internet2, the member-driven nonprofit offering advanced network technology services and cyberinfrastructure to the research and education community has completed its search, which began this past May, for a new president and CEO to take the helm.

  • shield with an AI microchip emblem hovering above stacks of gold coins

    AI Security Spend Surges While Traditional Security Budgets Shrink

    A new Thales report reveals that while enterprises are pouring resources into AI-specific protections, only 8% are encrypting the majority of their sensitive cloud data — leaving critical assets exposed even as AI-driven threats escalate and traditional security budgets shrink.

  • stack of gold coins disintegrates into digital particles against a dark circuit-board background with glowing AI imagery

    MIT Report: Most Organizations See No Business Return on Gen AI Investments

    A recent report out of the MIT Media Lab found that despite $30-40 billion in enterprise spending on generative AI, 95% of organizations are seeing no business return.

  • young man in a denim jacket scans his phone at a card reader outside a modern glass building

    Colleges Roll Out Mobile Credential Technology

    Allegion US has announced a partnership with Florida Institute of Technology (FIT) and Denison College, in conjunction with Transact + CBORD, to install mobile credential technologies campuswide. Implementing Mobile Student ID into Apple Wallet and Google Wallet will allow students access to campus facilities, amenities, and residence halls using just their phones.